home

Supported platforms

Getting startedOverviewArchitectureSupported platformsRelease notesWhite papers
Getting startedOverviewArchitectureSupported platformsRelease notesWhite papers

Vyatta documentation

Learn how to install, configure, and operate the Vyatta Network Operating System (Vyatta NOS) and Orchestrator, which help drive our virtual networking and physical platforms portfolio.

Show On this page:

thumbnailSupported platforms

Configure SPOKE1

Configuring an ESP group on SPOKE1

To create an ESP group, perform the following steps on SPOKE1 in configuration mode.

Table 1. Configuring an ESP group on SPOKE1

Step

Command

Create the configuration node for proposal 1 of ESP group ESP-1S. 

vyatta@SPOKE1# set security vpn ipsec esp-group ESP-1S proposal 1

Set the encryption cipher for proposal 1. 

vyatta@SPOKE1# set security vpn ipsec esp-group ESP-1S proposal 1 encryption aes256

Set the hash algorithm for proposal 1. 

vyatta@SPOKE1# set security vpn ipsec esp-group ESP-1S proposal 1 hash sha1

Set the encryption cipher for proposal 2. This action also creates the configuration node for proposal 2 of ESP group ESP-1S. 

vyatta@SPOKE1# set security vpn ipsec esp-group ESP-1H proposal 2 encryption aes128gcm128

Set the hash algorithm for proposal 2. 

vyatta@SPOKE1# set security vpn ipsec esp-group ESP-1S proposal 2 hash null

Set the lifetime for the whole ESP group. 

vyatta@SPOKE1# set security vpn ipsec esp-group ESP-1S lifetime 1800

View the configuration for the ESP group. Do not commit yet. 

vyatta@SPOKE1# show vpn ipsec esp-group ESP-1S

>    proposal 1 {
>        encryption aes256
>        hash sha1
>    }
>    proposal 2 {
>        encryption aes128gcm128
>        hash null
>    }
>    lifetime 1800

Last updated: November 26, 2021